Volatility plugin to search for all Autostart Extensibility Points (AESPs)
Updated May 16, 2024 - Python
Highly useful Volatility-Malfind output parser for detecting Code/Process Injection patterns
GLASS (Global Language And Site Scanner) is a Volatility plugin designed by Clayton Wenzel, James Baumhardt, and Nathan Eberly, aiming to swiftly identify and classify malicious domains and unexpected languages within a memory dump, providing users with dynamic insights for forensic investigations.
A suite of Volatility 3 plugins for memory forensics of Docker containers
Volatility plugin to calculate and compare Windows processes fuzzy hashes
Volatility plugin to yield and compare similarity digest of modules on execution.
Volatility plugin to detect malicious code thanks to ClamAV
Volatility plugin to validate Authenticode-signed processes, either with embedded signature or catalog-signed
Volatility 3 plugins to extract a module as complete as possible
Volatility 2.6 plugin to undo modifications done by relocation process on modules
The ProcInjectionsFind Volatility plugin runs against malware-infected memory images or the memory of live VMs and examines each memory region of all running processes to determine whether it is the result of process injection.
Volatility Explorer Suit
PS / Bash / Python / Other scripts For FUN!
Run several volatility plugins at the same time
Volatility plugins to recover ML model attributes from memory images
Volatility plugin to obtain the number of the resident memory pages per module (exe or dll) and per driver from a Windows memory dump.
Volatility plugins developed and maintained by the community
Dump Module Mixer (dumd-mixer) is a Python script to generate a module from the same module extracted from a collection of memory dumps.